Architectural considerations for enabling industrial IoT devices

The Industrial Internet of Things (IIoT) is a transformative technology. Implementing, deploying, and maintaining such an infrastructure can be a tricky proposition at best. A successful implementation is more than device connectivity and security; it’s also about expanding the breadth and depth of all connected devices, providing additional value for the user with increased profitability and growth.

Achieving this goal requires careful preparation and a thorough understanding of what today’s IIoT technologies have to offer.

Available enabling technologies consist of a few comprehensive cloud platforms with their associated device enablement software development kits (SDKs), along with a host of commercial and open source runtime components and cloud backend applications.

This article touches on a few key architectural considerations required for the successful operation of IIoT devices with a focus on the software that runs on the device.

Industrial IoT Enablement

The major goals of an Industrial IoT implementation are: 1) to securely connect end node and edge/gateway type embedded devices to a cloud backend; 2) to collect data from these devices and visualize, analyze, or present this data in a meaningful manner; and 3) to offer a means by which to interact with, configure, maintain, and upgrade the devices using a cloud-based infrastructure.

To better understand how a smart device interacts with the cloud, or more specifically, the cloud backend services, let’s take a look at a few basic steps a typical smart device might take:

Step #1 - Secure onboarding

This begins with the secure boot of a device. In this initial stage, the boot process must sequentially authenticate the boot loader, operating system software, and other software components, all of which are executed as part of the boot sequence. After secure boot, the device needs to securely onboard itself with the backend. Cloud platforms provide comprehensive infrastructure that allows for identity management and authentication of devices trying to onboard onto the system.

Step #2 - Configure, monitor, and control

Once the device is onboarded, the next step is for the device runtime to instantiate and expose the parameters and services supported by the device to the backend. This is accomplished using a "data model" or a standardized "object model" which is compatible with the cloud backend infrastructure.

Step #3 - Secure telemetry

After the data or object model has been established between the device and the backend, the device pushes the data up to the cloud and receives asynchronous messages from the cloud. Securing data in motion is a table-stakes requirement in the IIoT. Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are typically employed to establish a secure connection and encrypt the data exchanged between the device and the backend.

Step #4 - Software updates and maintenance

This is a key attribute toward achieving reliable operations from cloud-connected devices. In order to fix bugs, upgrade functionality, and patch security issues, a comprehensive infrastructure to manage device firmware, applications, and data is critically important.
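The sequential authentication described in Step #1 can be sketched as follows. This is an added example, not code from the article or from any vendor SDK: it authenticates each stage before control passes to it and fails closed on the first mismatch. It assumes a SHA-256 digest chain anchored in a ROM-held value as a stand-in for the signature verification production boot chains use; the stage names, images, and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample images; a real device reads these from flash partitions.
IMAGES = [("bootloader", b"BL v1.2"), ("os", b"RTOS kernel 5.4"),
          ("device-runtime", b"cloud SDK agent")]


class BootHalt(Exception):
    """Raised when a stage fails authentication; boot must stop here."""
    def __init__(self, stage, booted):
        super().__init__(f"authentication failed at {stage!r}")
        self.stage, self.booted = stage, booted


def measure(stage):
    # The digest covers the stage's code AND its expected digest for the next
    # stage, so that expectation cannot be rewritten without detection.
    # The length prefix keeps the code/next boundary unambiguous.
    code, nxt = stage["code"], (stage["next"] or "").encode()
    return hashlib.sha256(len(code).to_bytes(8, "big") + code + nxt).hexdigest()


def provision(images):
    """Build the chain back to front; returns (rom_digest, stages)."""
    stages, nxt = [], None
    for name, code in reversed(images):
        stage = {"name": name, "code": code, "next": nxt}
        nxt = measure(stage)
        stages.insert(0, stage)
    return nxt, stages


def secure_boot(rom_digest, stages):
    """Authenticate each stage before 'running' it; fail closed."""
    expected, booted = rom_digest, []
    for stage in stages:
        # expected is None once the chain has ended: an extra stage has
        # nothing vouching for it and must not run.
        if expected is None or not hmac.compare_digest(measure(stage), expected):
            raise BootHalt(stage["name"], booted)
        booted.append(stage["name"])      # control would transfer here
        expected = stage["next"]
    return booted


if __name__ == "__main__":
    rom, chain = provision(IMAGES)
    print("clean boot:", secure_boot(rom, chain))
    chain[1]["code"] += b" (modified)"    # constructed change to the OS image
    try:
        secure_boot(rom, chain)
    except BootHalt as halt:
        print(halt, "| stages already run:", halt.booted)
```

Because each stage's digest also covers its expectation for the next stage, changing an image and the value that vouches for it moves the failure one stage earlier, back toward the ROM-held root.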

Embedded Devices in Industrial IoT

IIoT devices can be categorized as end nodes, which are located in the lower tier of an IIoT ecosystem, and edge nodes which often serve as a gateway between the end nodes and the cloud backend. End nodes are commonly actuators, sensors, controllers, human machine interfaces (HMIs), etc. In some cases, end nodes will connect directly to the cloud without the use of an edge node/gateway.

Although both end nodes and gateways are embedded devices, they can vary significantly in form factor and functionality. End node devices can be quite small. Often they are 8- or 16-bit smart sensors that utilize simplified wireless protocols and extreme power management strategies to harvest local energy for maintenance-free operation. On the other end of the spectrum, edge nodes can be powerful multi-processor, multicore devices with enterprise/server-like computational power. From a software perspective, end node devices can run on bare metal (no operating system), while larger devices often deploy a real-time operating system (RTOS) or even a general-purpose operating system (GPOS), such as Linux®.

An example component architecture for runtime software for an edge node, or cloud-connected end node, is shown in Figure 1. The diagram depicts a typical architecture that consists of a cloud vendor-provided SDK for the device and other OS/System services needed to fulfil the device management needs for the connected device.